The Smart Techie was renamed Siliconindia India Edition starting Feb 2012 to continue the nearly two decade track record of excellence of our US edition.

April - 2009 - issue > Company Spotlight

AgeTak Enabling Secured Data Sharing

Jayakishore Bayadi
Wednesday, April 1, 2009
Jayakishore Bayadi
How efficiently and securely one is able to share data with customers, business partners, and among employees will determine how successful his or her business will be in today’s legislative environment and competitive market. The most illustrative example of this is found in the healthcare sector where a patient’s confidential medical information is created in many different places and has to be shared among many different healthcare professionals under the scrutiny of strict health information privacy regulations such as HIPAA. Another example is found in the financial sector where financial information, also protected by regulations such as Sarbanes-Oxley Act (SOX), has to be shared among many different financial institutions in the course of day-to-day business operations.

The traditional approach has been to solve the problem of ensuring data security by limiting access either at the database end or at the application level. This approach is becoming more and more impractical as data scattered across diverse systems has to be shared among different stakeholders – say a patient’s medical records, prescriptions, and billing information that have to be shared among different clinics, pharmacies, and insurance companies.

AgeTak, founded by Rakesh Verma, an alumnus of IIT-Bombay with a proven track record of developing innovative technologies and converting them into successful software products, has a different approach to the problem. “We intercept the data request just before it enters the database and provide for real-time privacy enforcement logic on-the-fly, we don’t have to modify thousands of applications and hundreds of databases of diverse technologies under the control of various agencies,” says Rakesh Verma, CEO. Founded in 2004, this Minneapolis based company’s response is based on the Access Right Control (ARC) technology that provides a mechanism for accessing data present in multiple places as if they were at one place and for implementing who-gets-what-data-for-what-purpose level of security and privacy at one place.

To meet the needs of secure data sharing in business intelligence and business-to-business applications one has to integrate many technologies and this is estimated to be a $2 billion annual market. Existing technologies cater to security needs but not the privacy and availability needs, they are also cost prohibitive in most of the cases. ARRA American recovery and reinvestment act provides for $20 billion towards making the electronic medical records portable across agencies without compromising privacy, and majority of this money will go to the above-mentioned market.

Consider, for example, the problem of sharing of patient’s medical records, billing information, or prescriptions among a clinic, the insurance company, and a pharmacy each with its own way of accessing these records. The conventional approach would be to modify each of the health information systems and copy the data from each place for use at the other institution. With ARC technology, all three places would be able to access the combined data from the three places as they have been doing their own data. Since this is done in a ‘virtual’ manner, the problems and costs associated with conventional data warehouses such as data integrity and lag time are avoided. In addition, each of the places would continue to access all the data as they did before because there is no modification in their own applications and the problems and costs associated with coding and re-training users are avoided. Furthermore, the original creator of the data, say the diagnostic lab at the clinic, would be able to control specifically what part of their data is allowed to be open to the insurance and pharmacy information systems and to audit what data is being accessed by whom at what time in real-time for compliance with privacy regulations. “A really sleek implementation of ARC technology allows the ultimate owner of the data – the patient – to specify what part of their data they want to be accessible to whom”, explains Verma. An even sleeker implementation of ARC technology allows on-the-fly masking of certain parts of sensitive information, as the first 12 digits of a credit card number or the first five digits of a social security number, for specific user roles, say the customer service representative at the insurance company who needs just the last four digits in each case, to drastically improve the privacy of data without affecting productivity.

Share on Twitter
Share on LinkedIn
Share on facebook